Carl gave you the correct answer. I'll just add that his way will also take a huge load off your server. What you are doing now is accepting the whole message...then sending an entire new message for the NDR.
His way your server tells the sending server during the initial SMTP conversation that there is no such recipient. So you never even accept the original message. From: Carl Houseman [mailto:c.house...@gmail.com] Sent: Wednesday, August 19, 2009 1:42 PM To: MS-Exchange Admin Issues Subject: RE: NDRs backscatter and such Enable recipient filtering and tick the box for "filter recipients who are not in the directory". That will eliminate all of the NDRs from spam sent to non-existent addresses. The senders who make a typo will still get NDRs, but those NDRs will be generated by the sending servers instead of yours. This is the Best Practice thing to do. The spammers won't get any NDRs because spambots don't bother to generate them. The other response about tarpitting, you want to do that too. Tarpitting doesn't do anything for you unless you've enabled the recipient filtering for non-existent addresess. Carl From: Bill Songstad (WCUL) [mailto:administra...@waleague.org] Sent: Wednesday, August 19, 2009 1:25 PM To: MS-Exchange Admin Issues Subject: NDRs backscatter and such Okay, backscatter is an annoyance at the very least. So I want to do something about it. My messaging queue is 90% NDRs to domains and subdomains with no MX records. Of course the easy solution is to just uncheck "allow Non-Delivery reports" in Internet Messaging formats within ESM. But my organization provides research services via email request to thousands of members. Sometimes the members just fire off an email to the researcher who helped them last time. But, that researcher may be gone from the organization. So how do you have the NDR functionality without feeding the spammers and contributing to backscatter? Just trying to brainstorm here Bill
